No need to Cc: me, I follow the list.
* Jacob Clark <jacob.j...@googlemail.com> [2014-05-22 12:09]:
> My code is more of an authentication provider rather than an SP,
"My code" refers to the JavaScript thing (where it is an
"authentication provider" for node.js)? In any case, the code which is
being sent (and is parsing) a SAML response acts as a SAML SP.
If that is not the javascript code you referred to, it must be
something else (and you didn't say what that is).
> SimpleSAMLphp still needs to perform the sign on, once authenticated
> there is a callback to re-route back to my app.
Well, SimpleSAMLphp (SSP for short) then acts as a SAML IDP, prompting
the subject to authenticate (i.e., SSP needs to have an authsource
configured to validate credentials against) and issuing SAML
assertions to code acting as a SAML SP.
Call-back and re-routing could either refer to those things.
Or it could mean something internal to that JS code, which does not
concern SSP. I couldn't say, based on the level of technical details
presented here.
> I do think I have misconfigured something, but not sure what, based on
> these facts could you provide any further help?
These "facts" are not helping much, I'm afraid.
Why not start with describing the setup for SSP you've done so far
(with references to the documentation)?
Also you could send a trace of any SAML protocol messages being sent
back and forth, e.g. grabbed from the browser using Olav's excellent
"SAML tracer" extension for Mozilla Firefox.
-peter